Check Point 1006 DDoS Protector Appliance Firewall

Stop Denial of Service attacks in seconds with customized, multilayered protection that blocks a wide range of attacks.

Consult

Check Point 1006 DDoS Protector Appliance Firewall

Features:

Multi-Layered Protections

Network and Traffic Flood Protections

Protection against DDoS attacks aimed at networks using:

  • Behavioral DoS—Protects against TCP, UDP, ICMP, IGMP and Fragment DDoS attacks with adaptive behavioral based detection.
  • DoS Shield—Protects against known DDoS attack tools with pre-defined an customized filters to block rate-limits per pattern.
  • Syn Protection—Blocks SYN-spoofed DoS with SYN rate thresholds per protected servers.
  • Black List—Blocks generic attacks with L3 and L4 sourcedestination classifications and expiration rules.
  • Connection Rate Limit—Blocks generic, non-supported protocols (non DNS, HTTP) and application level flood attacks with rate-based thresholds.

Application Based Dos/Ddos Protections

Protects against more complex DDoS attacks that misuse application resources with:

  • SYN Protection with Web Challenge—Protects against HTTP connection-based DoS attacks with SYN rate threshold per protected server.
  • Behavioral DNS Protections—Block DNS query DoS attacks with DNS adaptive behavioral based detection using DNS footprint blocking rate limits and DNS challenge and response.
  • Behavioral HTTP Protections (The “HTTP Mitigator”)—Blocks HTTP connection-based DoS attacks and upstream HTTP bandwidth attacks with server-based HTTP adaptive behavioral detection, HTTP footprint with web challenge response, 302 redirect and JS challenge actions.

Directed Application Dos/DDoS Protections

Repels Dos and DDoS attacks that require special filtering criteria. Flexible filtering definitions search for specific content patterns in each packet. Enables the ability to analyze and block ongoing attacks by defining on-the-fly protections.

Management

DDoS Appliances are integrated with Check Point Security Management, including:

SmartEvent

Unified security event and analysis solution that delivers real-time threat management information to instantly stop threats and block attacks with on-the-fly protections. Move from business view to forensics in just three clicks.

SmartLog

Advanced log analyzer that delivers proactive security intelligence with split-second search results from any log field for instant visibility into billions of log records over multiple time periods and domains.

SmartView Tracker

Comprehensive auditing solution to troubleshoot system and security issues, gather information for legal or audit purposes, and generate reports to analyze network traffic patterns. In the case of an attack or other suspicious network activity, use SmartView Tracker to temporarily or permanently terminate connections from specific IP addresses.

Alerting

SNMP V1, 2C and 3, Log File, Syslog, Email

Configuration

SNMP, V1, 2C, 3, HTTP, HTTPS, SSH, Telnet, SOAP, API, Console (user selectable).

Time Synchronization

Based on Network Time Protocol (NTP).

Export Real-Time Signature Information

Northbound XML interface exports behavioral parameters. 

Technical Specifications:

 

Model 506 1006 2006 4412 8412 12412 10420 20420 30420 40420
Network Grade Enterprise Datacenter Carrier
Performance1
Capacity 2 500Mbps 1Gbps 2Gbps 4Gbps 8Gbps 14Gbps 10Gbps 20Gbps 30Gbps 40Gbps
Throughput 3 500Mbps 1Gbps 2Gbps 4Gbps  8Gbps 12Gbps 10Gbps 20Gbps 30Gbps 40Gbps
Max Concurrent Sessions 2,000,000 4,000,000 6,000,000
Max DDoS Flood Attack Prevention Rate (pps) 1,000,000 10,000,000 25,000,000
Latency < 60 microseconds
Real Time Signatures Detect and protect in less than 18 seconds
Inspection Ports
10/100/1000 Copper Ethernet 4 4 4 8 8 8 - - - -
Gigabit Ethernet (SFP) 2 2 2 4 4 4 - - - -
10 Gigabit Ethernet (XFP) - - - 4 4 4 - - - -
1 / 10 Gigabit Ethernet (SFP+) - - - - - - 20 20 20 20
40 Gigabit Ethernet (QSFP+) - - - - - - 4 4 4 4
Management Ports
10/100/1000 Copper Ethernet 2 2 2 2 2 2 2 2 2 2
RS-232 1 1 1 1 1 1 1 1 1 1
Operation Mode
Network Operation Transparent L2 Forwarding
Deployment Modes In-line; SPAN Port Monitoring; Copy Port Monitoring; local out-of-path; Out-of-path mitigation (scrubbing center solution)
Tunneling Protocol Support VLAN Tagging, L2TP, MPLS, GRE, GTP
IPv6 Support IPv6 networks and block IPv6 attacks
Policy Action Block & Report, Report Only
Block Actions Drop packet, reset (source, destination, both), suspend (source, src port, destination, dest port or any combination), Challenge-Response for HTTP and DNS attacks
High Availability
Fail-open/fail-close Internal fail-open/fail-close for copper ports; internal fail-close for SFP ports; optional fail-open for SFP ports 4 Internal fail-open/fail-close for copper ports; internal fail-close for SFP and XFP ports; optional fail-open for SFP and XFP ports 5 internal fail-close for SFP+ and QSFP+ ports; optional fail-open for SFP+ and QSFP+ ports 5
Clustering Active-Passive Cluster
Power
Dual Power Supply Optional Yes - Hot Swappable
Advanced internal overload mechanism Yes
Power Consumption 177W, 
(Dual PS option 147W)
476W 634W
Heat Dissipation 604 BTU/h, 
(Dual PS option 501 BTU/h)
1623 BTU/h 2162 BTU/h
Auto-Ranging 100V-120V/200V-240V AC 47-63Hz or -38 to -72VDC
Physical
Dimensions (WxDxH) 424mm x 457mm x 44mm 424mm x 600mm x 88mm 426mm x 537mm x 88mm
Weight 15.9 lb / 7.2 kg, 
(Dual PS option 19.2 lb / 8.7 kg)
39.0 lb / 18.0 kg 33.2 lb / 15.1 kg
Operating Temperature 5 - 55 C
Humidity (non-condensing) 5% to 95%
Certifications
Safety Certifications EN 60950-1:2006, CB - IEC 60950-1, cTUVus EN, UL, CSA, IEC #60950-1 EN 60950-1:2006, CB -
IEC 60950-1, CCC, cTUVus
EMC EN 55022, EN 55024, FCC Part 15B Class A EN 55022, EN 55024, FCC Part 15B Class A EN 55022, EN 55024,
EN 61000-3-2, EN 61000-3-3
A
Other Certifications CE, FCC, VCCI, CB, TUV, UL/cUL, CCC, C-Tick, RoHS CE, FCC, VCCI, CB, TUV, UL/cUL, CCC, C-Tick, RoHS IEC 61000 4-2 to 4-6 , 
IEC 61000
4-8 & IEC 61000-4-11, 
FCC Part 15B
Class A, ICES-003, VCCI,
C-Tick RoHS 6 Compliant
1  Actual performance figures may change per network configuration, traffic type, etc.
2 Capacity is measured as maximum traffic forwarding when no security profiles are configured.
3 Throughput is measured with behavioral IPS protections and signature IPS protections using eCommerce protection profile.
4 External fiber fail-open switch with SFP ports is available at additional cost.
5 External fiber fail-open switches with SFP, XFP SFP+ or QSFP+ ports are available at additional cost.

Product List

SMB Appliances 700 Appliances Check Point 730
Check Point 750
Check Point 770
Check Point 790
Security Gateway Appliances Small and Medium Enterprise Series Check Point 1200R Rugged
Check Point 1430 
Check Point 1450
Check Point 1470 
Check Point 1490
Check Point 3100
Check Point 3200
Enterprise Series Check Point 5100
Check Point 5200
Check Point 5400
Check Point 5600
Check Point 5800
Check Point 5900
High End Enterprise and Data Center Series Check Point 15400
Check Point 15600
Check Point 23500
Check Point 23800
Network Security SandBlast Appliances Check Point TE100X
Check Point TE250X
Check Point TE1000X
Check Point TE2000X
Enterprise Grade DDoS Protector Check Point 506 
Check Point 1006
Check Point 2006
Datacenter Grade DDoS Protector Check Point 4412
Check Point 8412
Check Point 12412
Large Datacenter/Carrier Grade DDoS Protector Check Point 10420
Check Point 20420
Check Point 30420
Check Point 40420
Customized Solution Security Systems Series Check Point 41000
Check Point 61000
Check Point 44000
Check Point 64000
X Series Appliances Check Point X50
Check Point X60
Check Point X80
Security Management Check Point Smart-1 Applainces Check Point Smart-1-205
Check Point Smart-1-210
Check Point Smart-1-225
Check Point Smart-1-3050
Check Point Smart-1-3150

 

TOP